Skip to main content

Junie

3 CVEs product

Monthly

CVE-2026-41153 MEDIUM PATCH This Month

Command execution in JetBrains Junie before version 252.549.29 allows local attackers to execute arbitrary commands by crafting malicious project files, requiring user interaction to open the file. The vulnerability affects all Junie versions prior to the patched release and exploits unsafe handling of project file content without proper sanitization.

Command Injection Junie
NVD VulDB
CVSS 3.1
5.8
EPSS
0.0%
CVE-2025-59458 HIGH This Week

In JetBrains Junie before 252.284.66, 251.284.66, 243.284.66, 252.284.61, 251.284.61, 243.284.61, 252.284.50, 252.284.54, 251.284.54, 251.284.50, 243.284.54, 243.284.50 code execution was possible. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Command Injection RCE Junie
NVD
CVSS 3.1
8.3
EPSS
0.0%
CVE-2025-58335 MEDIUM This Month

In JetBrains Junie before 252.284.66, 251.284.66, 243.284.66, 252.284.61, 251.284.61, 243.284.61, 252.284.50, 252.284.54, 251.284.54, 251.284.50, 243.284.54, 243.284.50 information disclosure was. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required. No vendor patch available.

Information Disclosure Junie
NVD
CVSS 3.1
5.5
EPSS
0.0%
EPSS 0% CVSS 5.8
MEDIUM PATCH This Month

Command execution in JetBrains Junie before version 252.549.29 allows local attackers to execute arbitrary commands by crafting malicious project files, requiring user interaction to open the file. The vulnerability affects all Junie versions prior to the patched release and exploits unsafe handling of project file content without proper sanitization.

Command Injection Junie
NVD VulDB
EPSS 0% CVSS 8.3
HIGH This Week

In JetBrains Junie before 252.284.66, 251.284.66, 243.284.66, 252.284.61, 251.284.61, 243.284.61, 252.284.50, 252.284.54, 251.284.54, 251.284.50, 243.284.54, 243.284.50 code execution was possible. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Command Injection RCE Junie
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

In JetBrains Junie before 252.284.66, 251.284.66, 243.284.66, 252.284.61, 251.284.61, 243.284.61, 252.284.50, 252.284.54, 251.284.54, 251.284.50, 243.284.54, 243.284.50 information disclosure was. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required. No vendor patch available.

Information Disclosure Junie
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy